gnutls vulnerable to CVE-2009-2730

Bug #413136 reported by Tim Kosse
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gnutls12 (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Fix Released
Undecided
Jamie Strandboge
Hardy
Invalid
Undecided
Unassigned
Intrepid
Invalid
Undecided
Unassigned
Jaunty
Invalid
Undecided
Unassigned
Karmic
Invalid
Undecided
Unassigned
gnutls13 (Ubuntu)
Invalid
Undecided
Unassigned
Dapper
Invalid
Undecided
Unassigned
Hardy
Fix Released
Undecided
Jamie Strandboge
Intrepid
Invalid
Undecided
Unassigned
Jaunty
Invalid
Undecided
Unassigned
Karmic
Invalid
Undecided
Unassigned
gnutls26 (Ubuntu)
Fix Released
Undecided
Jamie Strandboge
Dapper
Invalid
Undecided
Unassigned
Hardy
Invalid
Undecided
Unassigned
Intrepid
Fix Released
Undecided
Jamie Strandboge
Jaunty
Fix Released
Undecided
Jamie Strandboge
Karmic
Fix Released
Undecided
Jamie Strandboge

Bug Description

GnuTLS 2.8.3 fixes a security vulnerability, see CVE-2009-2730

Release notes at http://article.gmane.org/gmane.network.gnutls.general/1733 and http://article.gmane.org/gmane.network.gnutls.general/1743

Tim Kosse (tim-kosse)
visibility: private → public
summary: - Upgrade to GnuTLS 2.8.3
+ gnutls vulnerable to CVE-2009-2730
Changed in gnutls26 (Ubuntu Intrepid):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls26 (Ubuntu Jaunty):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls26 (Ubuntu Karmic):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.6.6-1ubuntu1

---------------
gnutls26 (2.6.6-1ubuntu1) karmic; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/16_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 09:55:54 -0500

Changed in gnutls26 (Ubuntu Karmic):
status: In Progress → Fix Released
Changed in gnutls12 (Ubuntu Hardy):
status: New → Invalid
Changed in gnutls12 (Ubuntu Intrepid):
status: New → Invalid
Changed in gnutls12 (Ubuntu Jaunty):
status: New → Invalid
Changed in gnutls12 (Ubuntu Karmic):
status: New → Invalid
Changed in gnutls13 (Ubuntu Dapper):
status: New → Invalid
Changed in gnutls13 (Ubuntu Intrepid):
status: New → Invalid
Changed in gnutls13 (Ubuntu Jaunty):
status: New → Invalid
Changed in gnutls13 (Ubuntu Karmic):
status: New → Invalid
Changed in gnutls26 (Ubuntu Dapper):
status: New → Invalid
Changed in gnutls26 (Ubuntu Hardy):
status: New → Invalid
Changed in gnutls13 (Ubuntu Hardy):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls12 (Ubuntu Dapper):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in gnutls26 (Ubuntu Intrepid):
status: In Progress → Fix Committed
Changed in gnutls26 (Ubuntu Jaunty):
status: In Progress → Fix Committed
Changed in gnutls13 (Ubuntu Hardy):
status: In Progress → Fix Committed
Changed in gnutls12 (Ubuntu Dapper):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.4.2-6ubuntu0.1

---------------
gnutls26 (2.4.2-6ubuntu0.1) jaunty-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/26_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 14:01:09 -0500

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.4.1-1ubuntu0.4

---------------
gnutls26 (2.4.1-1ubuntu0.4) intrepid-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/21_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 14:03:56 -0500

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls13 - 2.0.4-1ubuntu2.6

---------------
gnutls13 (2.0.4-1ubuntu2.6) hardy-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/91_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0.
      This fixed required updating _gnutls_hostname_compare() in
      lib/x509/rfc2818_hostname.c to support wide wildcard hostname matching.
      This is a backward compatible change and which only adds additional
      matching of hostnames.
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 14:57:08 -0500

Changed in gnutls13 (Ubuntu Hardy):
status: Fix Committed → Fix Released
Changed in gnutls26 (Ubuntu Intrepid):
status: Fix Committed → Fix Released
Changed in gnutls26 (Ubuntu Jaunty):
status: Fix Committed → Fix Released
Revision history for this message
Jamie Strandboge (jdstrand) wrote :
Changed in gnutls12 (Ubuntu Dapper):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.